Is SiftMail the same as sift.email?

No. SiftMail (siftmail.app) is an AI-powered email security and triage platform for end users that connects to Gmail or Outlook. sift.email is a separate, unrelated email-list verification API for marketers. The two products are different companies in different categories with no affiliation.

What does SiftMail do?

SiftMail connects to a user's Gmail or Outlook inbox, automatically categorizes every email, surfaces important messages, bundles promotions and newsletters into digests, and detects phishing, impersonation, and Business Email Compromise attempts. It also provides the Sift Inbox Index, a searchable index of inbox history.

Does SiftMail read my emails?

SiftMail reads email headers and metadata for triage and security analysis. Full message bodies are not stored. The classification models receive only the minimum data required to score and categorize each message.

Does SiftMail work with Outlook?

Yes. SiftMail supports both Gmail and Outlook (Microsoft 365) via OAuth.

Yes — Shield Lite is free forever and includes 1 mailbox, 100 daily scans, basic risk scoring, and a 7-day history scan. Shield Pro is $15 per month with a 3-day free trial. Domain Defense is $39 per user per month for teams.

Home > Threat Library > Homoglyph Attacks (Lookalike Domains)

🔤

Homoglyph Attacks (Lookalike Domains)

High SeverityHomoglyph domains increased 400% between 2021-2023

Homoglyph attacks exploit characters that look visually identical or very similar across different alphabets. Attackers register domains like "pаypal.com" (Cyrillic "а") that appear identical to "paypal.com" (Latin "a").

How it works

Attacker identifies target brand domain (e.g., paypal.com)
Registers a domain substituting look-alike Unicode characters
Common swaps: Cyrillic а/о/е for Latin a/o/e, digit 1 for lowercase l
Sends emails from the visually-identical domain that pass basic checks

Red flags to watch for

Email from a "known" sender but something feels off
Copy-paste the domain and compare it — homoglyphs break when pasted into a text editor
Unexpected requests from normally trusted senders

Real-world example

Subject: Your PayPal receipt for $499.99
From: service@pаypal.com
“You sent a payment of $499.99 to Electronics Depot. If you didn't authorize this transaction, click here to dispute it immediately.”

How to protect yourself

Use SiftMail Business tier with homoglyph detection enabled
Be suspicious of any email requesting action, even from "known" senders
Copy-paste sender addresses into a plain text editor to reveal character substitutions

How SiftMail detects this

SiftMail Business tier includes dedicated homoglyph detection that identifies Unicode character substitutions, Levenshtein-distance domain similarity, and flags impersonation attempts automatically.

Stop homoglyph attacks (lookalike domains) before they reach your inbox

SiftMail scores every incoming email and automatically quarantines threats. Free plan available, setup takes 30 seconds.

Protect My Inbox Free Check a Suspicious Email